Citation[]
Matthew E. Morin, Protecting Networks via Automated Defense of Cyber Systems (Sept. 2016) (full-text).
Overview[]
Overview[]
Over the next ten to fifteen years, the number of internet-enabled devices is anticipated to grow exponentially, which will magnify cyber risks across an expanding attack surface area. It is unclear whether current manual methods of detection, verification, and remediation will allow network defenders to keep up with those risks. This thesis examined whether automated cyber defenses promise to be more effective than current models to cope with the results of vulnerabilities introduced by the projected increase in internet-enabled devices.
The thesis further proposed a future model called Automated Defense of Cyber Systems, built upon three core technological components: sensors, autonomics, and artificial intelligence. Our conclusion is that automation is the future of cyber defense, and that advances are being made in each of the three technological components to support needed productivity gains for information technology security personnel. Continued advances will occur piecemeal, and it is recommended that network defenders make incremental investments consistent with an automated defensive strategy.